yescorp
commented
3 months ago Are there any updates on this? I am searching the documentation about how to configure access with TokenCredential but didn't find anything related to it.
Everywhere either ConnectionString or MSI is used.
It has recently been brought to light that using Shared Access Keys is not secure and carries with it security risks. Rather than having to rely on a connection string for AzureWebJobsStorage, it would be really great it we could instead specify a TokenCredential that we want to use along with an account name in WebJobs SDK to connect to Azure Storage.
Expected behavior
Connection Strings shouldn't be the only way to connect to storage for triggers and other storage needs
Actual behavior
We are stuck using a connection string no matter what if we want to use the WebJobs SDK.
Related information
The Azure.Storage.* NuGet packages all are able to have clients that authenticate using TokenCredentials instead of service connection strings; shouldn't the WebJobs SDK have the same capability?
If it does and it just isn't obvious, then we need some guidance in the documentation about how to enable this.
Edited to add the following: I am specifically referring to Azure WebJobs, and NOT Azure Functions.